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IN THE DRAWINGS 

Please replace Figures 1, 2A, 2B, 4, 5, and 7 with the enclosed replacement sheets. 
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REMARKS 

Please reconsider the application in view of the above amendments and the 
following remarks. Applicants thank the Examiner for carefully considering this 
application and for indicating that claims 7, 17, and 23 contain allowable subject matter. 

Disposition of Claims 

Claims 1-32 are pending in the present application. Claims 21 and 24-26 are 
canceled. New claims 33-36 are added. Claims 1, 8, 12, 29, and 33 are independent. 
The remaining claims depend, directly or indirectly, from claims 1, 8, 12, 29, and 33. 

Claim Amendments 

Claims 1, 4, 28, and 30 are amended to correct typographical errors identified by 
the Examiner. Claim 1 is further amended to clarify the scope of the claimed invention. 
Claim 4 is further amended to conform to the amendments to claim 1. Claim 28 is 
further amended to clarify the scope of the invention and to correct other typographical 
errors. Claim 30 is further amended to conform to the amendments to claim 28 and to 
correct other typographical errors. Claims 2, 3, 5, and 7 are amended to conform to the 
amendments to claim 1, to clarify antecedent basis, and to correct typographical errors. 
Claim 8 is amended to clarify the scope of the claimed invention, to clarify antecedent 
basis, and to correct typographical errors. Claims 9 and 1 1 are amended to conform to 
the amendments to claim 8 and to clarify antecedent basis. Claim 10 is amended to 
remove limitations with no antecedent basis. Claim 12 is amended to clarify the scope of 
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the claimed invention and to correct typographical errors. Claims 13, 14, and 17-20 are 
amended to conform to the amendments to claim 12 and to clarify antecedent basis. 
Claim 17 is further amended to depend from claim 12 rather than claim 13 and to correct 
typographical errors. Claims 22 is amended to depend from claim 17 and to conform to 
amendments made to claims 12 and 17. Claim 27 is amended to depend from claim 20 
and to clarify antecedent basis. Claims 29, 31, and 32 are amended to conform to the 
amendments to claim 28 and to clarify antecedent basis. No new matter is added by way 
of these amendments, as support can be found, for example, in Figures 5, 6, and 7, and 
paragraphs [0028]-[0032] of Applicants' specification. Claims 33-36 are new. No new 
matter is added by way of the new claims as support for the new claims can be found, for 
example, in Figure 6 and paragraphs [0040]-[0044] of Applicants' specification. 

Objection to the Specification 

The specification is objected to for repeated misspellings of the word "accessible." 
The specification is amended by way of this reply to correct these misspellings. The 
specification is also amended to include a reference number added to Figure 4 and to 
correct other typographical errors. Accordingly, withdrawal of this objection is 
requested. 

Claim Objections 

Claims 1, 4, 28, and 30 are objected to for containing typographical errors. 
Claims 1, 4, 28, and 30 are amended to correct the typographical errors noted by the 
Examiner. Accordingly, withdrawal of this objection is requested. 
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Drawings 

Applicants herewith submit replacement sheets with amendments to Figures 1, 
2A, 2B, 4, 5, and 7 to correct informalities. Further, Figures 1 and 4 are amended to 
correct typographical errors. No new matter is added by way of these amendments. 
Applicants request that the Examiner indicate all drawings are accepted in the next office 
action. 

Rejection(s) under 35 U.S.C. § 101 

Claims 12-16 stand rejected under 35 U.S.C. § 101 as being directed to non- 
statutory subject matter. More specifically, the Examiner rejects these claims as reciting 
elements that are solely "modules" which are computer software per se. To the extent 
the rejection may apply to amended claims 12-16, the rejection is traversed. 

Claim 12, as amended, recites, in part, "a first server comprising: a first 
administration module" and "a second server comprising: a second administration 
module." The recited servers are clearly not solely modules or computer software per se. 

For at least these reasons, claim 12 complies with the statutory subject matter 
requirement of 35 U.S.C. §101. Claims 13-16 depend either directly or indirectly from 
claim 12 and are statutory for at least the same reasons. Accordingly, withdrawal of this 
rejection is requested. 



20 



Application No.: 10/627,019 Docket No.: 03226/503001; P8951 

Rejection(s) under 35 U.S.C § 112 

Claims 12-27 stand rejected under 35 U.S.C. § 112 as being indefinite for failing 
to particularly point out and distinctly claim the subject matter. Claims 21 and 24-26 are 
canceled. Thus, the rejection is now moot with respect to these claims. To the extent 
that the rejection may apply to the remaining claims, this rejection is overcome. 

Turning to the rejection of claims 12-20, 22-23, and 27, independent claim 12 
stands rejected for lack of antecedent basis for "said second affiliated entity." Claim 12 
is amended to correct the antecedent basis. Claims 13-20 depend either directly or 
indirectly from claim 12 and are allowable for at the least the same reasons. 
Accordingly, withdrawal of this rejection is requested. 

Claims 22 and 23 stand rejected based on dependency from claim 21. Claims 22 
and 23 are amended to depend directly or indirectly from claim 12 and are allowable for 
at least the same reasons as claim 12. Accordingly, withdrawal of this rejection is 
requested. 

Claim 27 stands rejected for being vague and indefinite for not specifying which 
session module's network address is determined by the first session module. Claim 27 is 
amended to clarify that the network address of the second session module is determined 
by the first session module. Accordingly, withdrawal of this rejection is requested. 

Rejection(s) under 35 U.S.C. § 102 

Claims 1, 2, 8, 12-15, 18-19, 21-22, 24-25, and 30-32 stand rejected under 35 
U.S.C. § 102(e) as anticipated by U.S. Pub. No. 2003/0188156 Al (hereinafter referred 
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to as "Yasala"). Claims 21 and 24-25 are canceled by this reply so this rejection is moot 
as to these claims. To the extent that this rejection may still apply to the remaining 
amended claims, the rejection is traversed. 

"A claim is anticipated only if each and every element as set forth in the claim is 
found, either expressly or inherently described, in a single prior art reference." MPEP § 
2131 (quoting Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631, 2 
USPQ2d 1051, 1053 (Fed. Cir. 1987)). Further, "[t]he identical invention must be shown 
in as complete detail as is contained in the . . . claim." MPEP § 213 1 

As an initial matter, Applicants submit claims 30-32 cannot be anticipated by 
Yasala under 35 U.S.C § 102(e) because claims 30-32 depend directly or indirectly from 
independent claim 28 which the Examiner admits is not anticipated by Yasala. See 
Office Action dated December 12, 2006 at page 6. Therefore, withdrawal of this 
rejection is requested. 

Applicants assert that Yasala fails to expressly or inherently disclose each and 
every limitation of amended independent claims 1 and 12. Independent claim 1, as 
amended, recites 

storing said first certificate of said first server in a first trusted partner list 
accessible by said second server . ..wherein access by a client to a resource 
associated with said first server is controlled as a function of said first 
trusted partner list. 

Emphasis added. 

In other words, claim 1, as amended, recites that a trusted partner list accessible 
by a second server is used to control access by a client to a resource associated with a 
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first server. In contrast, Yasala teaches a peer authentication system and method in 
which access by a client to an application on a peer is controlled by two separate lists of 
authentication certificates accessible only by the peer. 

Specifically, Yasala discloses a two level security validation process in which a 
first peer, i.e., a client, requesting access to an application on a second peer sends an 
authentication certificate to the second peer. For the first level of security validation, the 
second peer compares a root certificate of this authentication certificate to a list of 
certificates in a trusted root certification authorities store accessible by the second peer. 
For the second level of security validation, the second peer uses the authentication 
certificate to authorize the first peer for the application by checking for an authentication 
certificate related to the first peer's authentication certificate in a peer authorized 
certificates store, i.e., a second list of certificates, accessible by the second peer. If both 
levels of validation are successful, the second peer grants access to the application to the 
first peer. In other words, Yasala discloses that access to an application on the second 
peer is controlled as a function of certificate lists accessible by the second peer. Yasala 
is completely silent regarding the use of a certificate list other than those certificate lists 
accessible by the second peer for controlling access to an application on the second peer. 
See Yasala, paragraphs [0012]-[0014]. Thus, Yasala clearly does not disclose a method 
"wherein access by a client to a resource associated with said first server is controlled as 
a function of said first trusted partner list [accessible by said second server]" as recited in 
claim 1. 
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Therefore, claim 1 is not anticipated by Yasala under 35 U.S.C. § 102(e). 
Independent claim 12 contains similar limitations and is allowable for at least the same 
reasons as claim 1. Further, claims 2, 13-15, 18-19, and 22 depend directly or indirectly 
from claims 1 and 12, and are allowable for at least the same reasons. Accordingly, 
withdrawal of this rejection is requested. 

Turning to the rejection of claim 8, Applicants assert that Yasala fails to expressly 

or inherently disclose each and every limitation of amended independent claim 8. 

Independent claim 8 recites, in part, 

initiating use of a resource associated with a relying server by a client, 
wherein an authentication assertion reference is provided by said client to 
said relying server, and wherein said authentication assertion reference is 
provided to said client by an issuing server, 

determining an identity of said issuing server as a function of said 
authentication assertion reference; 

sending an authentication request comprising a certificate of said relying 
server to said issuing server; 

determining if said certificate is contained in a trusted partner list of said 
issuing server; 

sending an authentication assertion, indicating that said client has been 
authenticated, from sqid_ issuing server to said relying server when said 
certificate is contained in said trusted partner list of said issuing server; 

providing said resource to said client by said relying server when said 
authentication assertion indicates that said client has been authenticated. 

Emphasis added. Amended claim 8 clearly recites a method of providing a circle 
of trust that involves a client, a relying server, and an issuing server. The method 
of claim 8 requires that a client provide an authentication assertion reference to a 
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relying server when initiating a use of a resource associated with the relying 
server. This authentication assertion reference is provided to the client by an 
issuing server. The method further requires that the issuing server send an 
authentication assertion to the relying server indicating that the client has been 
authenticated. In other words, the issuing party indicates to the relying server that 
the client has been authenticated. 

In contrast, Yasala discloses an authorization method involving only two 
peers. As described above in reference to claim 1, in this authorization method, a 
second peer may authorize a first peer, i.e., a client, to access an application on the 
second peer using an authentication certificate provided by the first peer. The 
second peer authorizes the first peer, i.e., a client, by consulting certificate lists 
maintained by the second peer. A careful reading of Yasala reveals that no third 
entity is involved in this authorization process. Therefore, Yasala clearly cannot 
disclose a method of providing a circle of trust that involves a client, a relying 
server, and an issuing server as recited in claim 8. 

Therefore claim 8 is not anticipated by Yasala under 35 U.S.C. § 102(e). 
Accordingly, withdrawal of this rejection is requested. 

Rejection(s) under 35 U.S.C § 103 

Claims 4, 5, 6, 9-10, 16, 20, 26-28, and 29 stand rejected under 35 U.S.C. § 103 as 
being unpatentable over Yasala in view of U.S. Patent No. 6,826,690 Bl (hereinafter 
"Hind"). Claim 26 is canceled by this reply. Thus, the rejection is now moot with 
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respect to claim 26. To the extent that this rejection may still apply to the remainder of 
the amended claims, the rejection is traversed. 

To establish a prima facie case of obviousness under 35 U.S.C. § 103(a), "the 
prior art reference (or references when combined) must teach or suggest all the claim 
limitations." MPEP § 2143.03. Further, "all words in a claim must be considered in 
judging the patentability of that claim against the prior art." MPEP § 2143.03. 

As explained above, Yasala fails to disclose all of the limitations of independent 
claims 1, 8, and 12. Further, Hind fails to supply that which Yasala lacks, as evidenced 
by the fact that the Examiner relies on Hind solely for the purpose of allegedly disclosing 
"the use of IP (or network) addresses as authentication credentials." See Office Action 
dated December 12, 2006 at page 7. Thus, Yasala and Hind, whether considered 
separately or in combination, fail to render independent claims 1, 8, and 12 obvious. 
Claims 4, 5, 6, 9, 10, 16, 20, and 27, which depend directly or indirectly from claims 1, 8, 
and 12, are patentable for at least the same reasons. Accordingly, withdrawal of this 
rejection is requested. 

Independent claim 28 recites, in part, 

receiving a first network address of a first server by a second server, 

storing said first network address of said first server in a first trusted 
partner list accessible by said second server; 

receiving a second network address of said second server by said first 
server, and 

storing said second network address of said second server in a second 
trusted partner list accessible by said first server. 
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Emphasis added. 

The Examiner admits that "Yasala does not teach the use of network addresses 
(internet protocol (IP) addresses) as authentication credentials." Office Action dated 
December 12, 2 0 06 at page 7. Applicants assert that Hind does not supply what Yasala 
lacks. In fact, the Examiner is completely mischaracterizing the teachings of Hind. Hind 
discloses a system and method for automatic authentication of communicating devices 
using device certificates. See Hind at col. 4, lines 1-6. In some embodiments, the 
authentication method may be used to authenticate a server requesting a network address 
and/or a provider of network addresses. See Hind at col. 1 1, lines 12-56. Nowhere does 
Hind disclose using a network address as an authentication credential as stated by the 
Examiner. In fact, the portion of Hind relied on by the Examiner explicitly states that 
"the present invention also defines novel techniques whereby devices performing in the 
role of a server can be authenticated before assignment of an IP address (or 
semantically-equivalent network address) thereto." Hind at col. 11, lines 12-16. 
Applicants fail to see how a teaching of authentication before assigning an IP address can 
be characterized as teaching authentication using an IP address. 

Furthermore, in rejecting claim 28 over the combination of Yasala and Hind, the 
Examiner is completely ignoring express limitations of claim 28 requiring that a network 
address of one server be received by another server and stored in the trusted partner list 
of the receiving server. In fact, a thorough review of Yasala and Hind reveal that both 
Yasala and Hind, whether considered alone or in combination, are completely silent 
regarding these express limitations. 
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Thus, Yasala and Hind whether considered separately or in combination, fail to 
render independent claim 28 obvious. Claim 29, which depends directly from claim 28, 
is patentable for at least the same reasons. Accordingly, withdrawal of this rejection is 
requested. 

New Claims 

New independent claim 33 recites limitations similar to those of amended 
independent claims 8 and 28 and is patentable for at least the same reasons discussed 
above. New dependent claim 34 depends directly from new independent claim 33 and is 
patentable for at least the same reasons. New dependent claim 35 depends directly from 
independent claim 28 and is patentable for at least the same reasons. New dependent 
claim 36 depends directly from independent claim 1 and is patentable for at least the 
same reasons. 
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Conclusion 

Applicants believe this reply is fully responsive to all outstanding issues and place 
this application in condition for allowance. If this belief is incorrect, or other issues 
arise, the Examiner is encouraged to contact the undersigned or his associates at the 
telephone number listed below. Please apply any charges not covered, or any credits, to 
Deposit Account 50-0591 (Reference Number 03226/503001). 

Dated: March 12, 2007 Respectfully submitted, 




1221 McKinney St., Suite 2800 



Houston, Texas 77010 
Attorney for Applicant 



Attachments: Replacement Sheets 
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